Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/CB75-7ah62v6TYnVqnCBamjkWQU.roa
File: CB75-7ah62v6TYnVqnCBamjkWQU.roa (raw, json)
Hash identifier: VxMI0ciVfVsAFfODNeeTRNn2SUbkhimvfCbsIFj5y64=
Subject key identifier: 08:1E:F9:FB:B6:A1:EB:6B:FA:4D:89:D5:AA:70:81:6A:68:E4:59:05
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 1D33BE71
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/CB75-7ah62v6TYnVqnCBamjkWQU.roa
Signing time: Wed 23 Mar 2022 19:17:05 +0000
ROA not before: Wed 23 Mar 2022 19:17:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3319
IP address blocks: 195.178.144.0/21 maxlen: 21
185.143.56.0/22 maxlen: 24
195.178.152.0/22 maxlen: 22
77.47.212.0/23 maxlen: 23
77.47.244.0/22 maxlen: 22
77.47.248.0/22 maxlen: 24
77.47.252.0/22 maxlen: 24
77.47.148.0/22 maxlen: 24
77.47.152.0/24 maxlen: 24
77.47.154.0/24 maxlen: 24
77.47.153.0/24 maxlen: 24
77.47.155.0/24 maxlen: 24
77.47.156.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 489930353 (0x1d33be71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Mar 23 19:17:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=081ef9fbb6a1eb6bfa4d89d5aa70816a68e45905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:eb:9b:b3:ec:e4:e0:0f:f8:4a:f8:96:6f:c6:
4c:ed:e2:8e:45:87:f9:b6:15:43:56:70:c4:9d:09:
af:8c:79:d9:23:02:37:30:2a:fa:c0:1b:8f:1e:68:
98:84:b1:e8:c4:c5:9c:14:3e:eb:4d:33:c3:7e:b3:
b6:e4:ee:dc:c6:a9:fd:41:55:11:a1:38:7a:32:05:
16:51:8c:3b:54:b1:0b:88:6e:d4:b4:20:2c:54:e9:
bf:da:29:5f:43:1a:30:78:a4:00:4c:42:73:fa:bb:
63:46:9f:8a:21:ca:ff:3e:49:36:07:40:d6:0d:d2:
f8:33:40:99:51:39:f3:05:e2:97:c6:c2:02:51:49:
9f:0e:64:f3:44:1d:5c:a2:6c:1a:02:52:5d:e4:c6:
4b:15:52:90:1d:e6:35:f4:e1:4f:d5:31:2c:87:d9:
59:34:2f:7f:5b:92:e0:7b:7c:33:e6:f3:e8:a5:8f:
a0:17:e6:a0:7d:29:37:79:e5:90:3f:66:8d:22:b9:
6c:7e:37:b4:53:53:70:73:cf:59:62:86:af:cd:84:
f6:90:9c:49:11:01:db:27:8a:01:13:45:1f:b9:c0:
6c:b3:28:d4:ea:74:17:a6:e5:a5:d4:85:33:e6:18:
a4:c7:ac:fe:04:f1:57:ae:d0:8f:8a:11:33:6c:1b:
a5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1E:F9:FB:B6:A1:EB:6B:FA:4D:89:D5:AA:70:81:6A:68:E4:59:05
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/CB75-7ah62v6TYnVqnCBamjkWQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.148.0-77.47.159.255
77.47.212.0/23
77.47.244.0-77.47.255.255
185.143.56.0/22
195.178.144.0-195.178.155.255
Signature Algorithm: sha256WithRSAEncryption
14:73:16:7d:da:3d:e1:f4:b3:a8:57:00:19:63:4f:ec:3b:97:
40:ea:2c:73:16:1c:69:a6:46:76:34:65:da:3d:d6:2f:56:cc:
ef:d3:aa:31:8f:86:eb:ef:db:31:41:76:80:df:77:d0:86:f3:
61:4a:50:7f:70:fa:fa:21:fd:21:bb:4c:5c:4a:8c:44:2e:c7:
9f:01:5e:e7:06:a3:82:74:cd:5f:ca:18:54:47:5a:bc:98:53:
69:20:0d:a5:6d:43:4f:e5:12:a0:82:18:e1:f4:cb:0d:2a:d2:
db:2e:e5:ef:08:c9:96:c9:79:fd:33:be:90:f4:d2:75:e9:1a:
e6:59:6d:d4:f1:b0:be:e4:88:63:c8:ad:38:53:ae:a1:df:c2:
c2:5e:f7:7e:cf:b3:57:f0:69:08:c4:a7:f8:68:68:e6:cf:c4:
af:38:85:bd:e1:d4:9c:4c:06:77:ab:08:6b:0c:6e:c2:d2:e1:
3a:00:46:30:e4:7b:b7:76:5c:d3:d8:2e:df:48:78:9b:19:db:
99:c7:c8:1e:08:45:71:07:15:21:c4:b3:f1:02:50:f8:ca:4b:
df:14:1a:dd:d4:22:2e:c4:0f:7c:d8:f2:c9:3f:a4:1b:eb:36:
c7:7e:2e:7d:49:83:a2:0b:a3:78:1d:f5:aa:8b:43:03:12:04:
83:a1:e2:b7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEHTO+cTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDMy
MzE5MTcwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgxZWY5ZmJiNmEx
ZWI2YmZhNGQ4OWQ1YWE3MDgxNmE2OGU0NTkwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7rm7Ps5OAP+Er4lm/GTO3ijkWH+bYVQ1ZwxJ0Jr4x52SMC
NzAq+sAbjx5omISx6MTFnBQ+600zw36ztuTu3Map/UFVEaE4ejIFFlGMO1SxC4hu
1LQgLFTpv9opX0MaMHikAExCc/q7Y0afiiHK/z5JNgdA1g3S+DNAmVE58wXil8bC
AlFJnw5k80QdXKJsGgJSXeTGSxVSkB3mNfThT9UxLIfZWTQvf1uS4Ht8M+bz6KWP
oBfmoH0pN3nlkD9mjSK5bH43tFNTcHPPWWKGr82E9pCcSREB2yeKARNFH7nAbLMo
1Op0F6blpdSFM+YYpMes/gTxV67Qj4oRM2wbpfUCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBQIHvn7tqHra/pNidWqcIFqaORZBTAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
L0NCNzUtN2FoNjJ2NlRZblZxbkNCYW1qa1dRVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wOwQCAAEwNTAMAwQCTS+UAwQFTS+AAwQBTS/UMAsD
BAJNL/QDAwRNIAMEArmPODAMAwQEw7KQAwQCw7KYMA0GCSqGSIb3DQEBCwUAA4IB
AQAUcxZ92j3h9LOoVwAZY0/sO5dA6ixzFhxppkZ2NGXaPdYvVszv06oxj4br79sx
QXaA33fQhvNhSlB/cPr6If0hu0xcSoxELsefAV7nBqOCdM1fyhhUR1q8mFNpIA2l
bUNP5RKgghjh9MsNKtLbLuXvCMmWyXn9M76Q9NJ16RrmWW3U8bC+5IhjyK04U66h
38LCXvd+z7NX8GkIxKf4aGjmz8SvOIW94dScTAZ3qwhrDG7C0uE6AEYw5Hu3dlzT
2C7fSHibGduZx8geCEVxBxUhxLPxAlD4ykvfFBrd1CIuxA982PLJP6Qb6zbHfi59
SYOiC6N4HfWqi0MDEgSDoeK3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org